Splunk SOAR Reference Architecture

Updated

Download the Splunk SOAR Reference Architecture.

This reference architecture aims to provide an understanding of the capabilities achievable with the Recorded Future integration into the Splunk SOAR. This document also outlines use cases implemented by our customers in the field.

Recorded Future provides two separate apps available in the Splunk SOAR marketplace. 

  • The Recorded Future for Splunk SOAR app provides many actions that enable the creation of playbooks to automate enrichment, threat hunting, alert handling, maintaining watchlists, and more. This app can be found on Splunkbase here.
  • The Recorded Future Sandbox for Splunk SOAR app can submit and detonate both files and URLs to the Recorded Future Sandbox and fetch reports back into the Splunk SOAR container. This app can be found on Splunkbase here.
This content is confidential. Do not distribute or download content in a manner that violates your Recorded Future license agreement. Sharing this content outside of licensed Recorded Future users constitutes a breach of the terms and/or agreement and shall be considered a breach by your organization.
Was this article helpful?
0 out of 0 found this helpful

Articles in this section